Winamp advises forum password reset after mystery hack

Winamp is advising users of its media player software who frequent its forum to change their passwords after a security breach resulted in the disclosure of thousands of email addresses.

The breach only exposed users' email addresses, so the forum logon password change policy is purely a precaution, according to Winamp. The firm said that users of its media player software were not affected directly by the breach, which hit only its forum and not its main site winamp.com or its developers' site.

Beyond saying that it had detected an attack on its forum database – later determined to be isolated – Winamp says little about the likely source or motive of the cyber-assault. In a statement (extract below), the software developer apologises for the incident, which may leave an unknown number of users more exposed to spam.

We have determined that your email address was exposed as a result of this attack, so as a precautionary measure, we recommend that you change that [sic] your password on the Winamp Forums. In addition, we recommend that you change your password every few months as a best practice for keeping your information secure.

The statement, which was emailed to forum members, some of whom forwarded the message to El Reg, was republished in Winamp's forum on Tuesday. ®